Change krbCred member to reauthCred to better clarify purpose

[moonshot.git] / mech_eap / accept_sec_context.c

diff --git a/mech_eap/accept_sec_context.c b/mech_eap/accept_sec_context.c
index d54ea48..cc8702d 100644 (file)
--- a/mech_eap/accept_sec_context.c
+++ b/mech_eap/accept_sec_context.c
@@ -121,7 +121,7 @@ acceptReadyEap(OM_uint32 *minor, gss_ctx_id_t ctx, gss_cred_id_t cred)
     if (GSS_ERROR(major))
         return major;
 
-    if (ctx->expiryTime < time(NULL)) {
+    if (ctx->expiryTime != 0 && ctx->expiryTime < time(NULL)) {
         *minor = GSSEAP_CRED_EXPIRED;
         return GSS_S_CREDENTIALS_EXPIRED;
     }
@@ -971,8 +971,8 @@ eapGssSmAcceptGssReauth(OM_uint32 *minor,
     ctx->flags |= CTX_FLAG_KRB_REAUTH;
 
     major = gssAcceptSecContext(minor,
-                                &ctx->kerberosCtx,
-                                cred->krbCred,
+                                &ctx->reauthCtx,
+                                cred->reauthCred,
                                 inputToken,
                                 chanBindings,
                                 &krbInitiator,
@@ -991,7 +991,7 @@ eapGssSmAcceptGssReauth(OM_uint32 *minor,
     } else if (GSS_ERROR(major) &&
         (*smFlags & SM_FLAG_INPUT_TOKEN_CRITICAL) == 0) {
         /* pretend reauthentication attempt never happened */
-        gssDeleteSecContext(&tmpMinor, &ctx->kerberosCtx, GSS_C_NO_BUFFER);
+        gssDeleteSecContext(&tmpMinor, &ctx->reauthCtx, GSS_C_NO_BUFFER);
         ctx->flags &= ~(CTX_FLAG_KRB_REAUTH);
         GSSEAP_SM_TRANSITION(ctx, GSSEAP_STATE_INITIAL);
         major = GSS_S_CONTINUE_NEEDED;